Social justice wizard, future library/archives/info mgt student. She/her.
94 stories
·
5 followers

Domain overseer lifts all price caps on .Org domain names - Domain Name Wire

1 Share

ICANN ignores community input and agrees to lift price restrictions on .org domains.

Circular shapes with .org in them and mouse pointers. Green, blue and pink colors.

As many feared, the comment period was just a formality.

ICANN has agreed to remove price restrictions on .org domain names, letting the domain’s manager, Public Interest Registry, charge as much as it wants for the domains. (It also agreed to let .info manager Afilias charge whatever it wants for .info.)

This is despite only six out of over 3,000 comments being in favor of removing price caps.

You can blame two things: ICANN wanting to make its life easier with a misguided attempt to make its registry agreements similar, and regulatory capture.

ICANN’s decision foreshadows that the organization will agree to .com price increases. Eventually, caps on .com domains could disappear.

10 million .org domains are currently registered and were registered under a system in which Public Interest Registry could not increase prices at will. Now, non-profits and other organizations that have been using these domains for years could face steep price increases.

The good news is that Public Interest Registry’s management is competent and well-guided. They will likely wait a while before making any major changes to avoid comments of “we told you so”.

But management changes. Boards change. And one day, it could get ugly.

It will be interesting to see if any parties consider antitrust challenges.

Read the whole story
claudinec
22 days ago
reply
Melbourne, Australia
Share this story
Delete

The org that doles out .org websites just sold itself to a for-profit company

1 Share

Today, the Public Interest Registry (PIR), which maintains the .org top-level domain, announced that it will be acquired by Ethos Capital, a private equity firm (via Domain Name Wire). This move will make PIR, previously a non-profit domain registry, officially part of a for-profit company — which certainly seems at odds with what .org might represent to some. Originally, “.org” was an alternative to the “.com” that was earmarked for commercial entities, which lent itself to non-profit use.

That’s not all: On June 30th, ICANN, the non-profit that oversees all domain names on the internet, agreed to remove price caps on rates for .org domain names — which were previously pretty cheap. Seems like something a for-profit company might want.

Removing price caps wasn’t exactly a popular idea when it was first proposed on March 18th. According to Review Signal, only six of the more than 3,000 public comments on the proposal were in favor of the change.

In an “open letter” published on May 1st, just days after the comment period had closed, PIR said that it had “no specific plans for any price increases for .org.” But that was then, and if the rates for .org domains do go up in the future, it could affect non-profits and institutions that rely on low domain name fees to maintain their websites.

.info and .biz, which also used to have price caps, had them removed this year as well.

Read the whole story
claudinec
22 days ago
reply
Melbourne, Australia
Share this story
Delete

Machine Learning Captcha

2 Comments and 5 Shares
More likely: Click on all the pictures of people who appear disloyal to [name of company or government]
Read the whole story
claudinec
22 days ago
reply
Melbourne, Australia
Share this story
Delete
2 public comments
lousyd
21 days ago
reply
It's a trick. Don't do it!
Wilmington, NC, USA
fxer
22 days ago
reply
No pic of me kneeling in supplication to my blender?
Bend, Oregon

Non-binary "singular they" endorsed by Merriam-Webser

2 Shares

"Singular 'they': Though singular 'they' is old, 'they' as a nonbinary proonoun is new — and useful", Merriam-Webster Words We're Watching:

Much has been written on they, and we aren't going to attempt to cover it here. We will note that they has been in consistent use as a singular pronoun since the late 1300s; that the development of singular they mirrors the development of the singular you from the plural you, yet we don't complain that singular you is ungrammatical; and that regardless of what detractors say, nearly everyone uses the singular they in casual conversation and often in formal writing.

They is taking on a new use, however: as a pronoun of choice for someone who doesn't identify as either male or female. This is a different use than the traditional singular they, which is used to refer to a person whose gender isn't known or isn't important in the context, as in the example above. The new use of they is direct, and it is for a person whose gender is known, but who does not identify as male or female. If I were introducing a friend who preferred to use the pronoun they, I would say, "This is my friend, Jay. I met them at work."

M-W's action got a lot of  media play, mostly positive or neutral — e.g. "Merriam-Webster adds non-binary pronoun 'they' to dictionary" (WaPo), "When Dictionaries Wade Into the Gender (Non)Binary" (NYT), "Merriam-Webster dictionary adds 'they' as nonbinary pronoun" (The Guardian), "Merriam-Webster adds nonbinary 'they' pronoun to dictionary" (NBC), and so on.

Predictably, there were some negative reactions as well, e.g. "'Non-Binary' Nonsense" (The National Review), "The problem with calling Sam Smith 'they'" (The Spectator), "Merriam-Webster Redefines 'They' to Include a Non-Binary Person" (Christian Headlines), etc.

Let's note that the usual political philosophies tend to be inverted in this case — the rightward end of the political spectrum, generally opposed to regulation and in favor of market forces in economic matters, comes down squarely in favor of central planning and control in matters of usage, at least when bottom-up innovations are at issue. See "Authoritarian rationalism is not conservatism", 12/11/2007; "Peever politics", 11/20/2011; "James Kilpatrick, Linguistic Socialist", 3/28/2008; "Querkopf von Klubstick returns", 6/10/2008.

Another politico-linguistic puzzle is the fact that Quaker thee began as a similar sort of authoritarian rationalism — see "George Fox, Prescriptivist" (10/24/2010), and "That false and senseless Way of Speaking" (7/1/2016).

 

 

Read the whole story
bluebec
64 days ago
reply
Melbourne
claudinec
65 days ago
reply
Melbourne, Australia
Share this story
Delete

Python Insider - powered by FeedBurner

1 Share

We're 

further

 increasing the security of the Python Package Index with another new beta feature: scoped API tokens for package upload. This is thanks to a 

grant from the Open Technology Fund

, coordinated by the 

Packaging Working Group

 of the 

Python Software Foundation

.


Over the last few months, we've 

added two-factor authentication (2FA) login security methods

. We added Time-based One-Time Password (TOTP) support in late May and physical security device support in mid-June. Now, over 1600 users have started using physical security devices or TOTP applications to better secure their accounts. And over the past week, over 7.8% of logins to <a href="http://PyPI.org" rel="nofollow">PyPI.org</a> have been protected by 2FA, up from 3% in the month of June.


Now, we have another improvement: 

you can use API tokens to upload packages

 to PyPI and 

Test PyPI

! And we've designed the token to be a drop-in replacement for the username and password you already use (warning: this is a 

beta feature

 that 

we need your help to test

).



How it works: 

Go to your 

PyPI account settings

 and select "Add API token". When you create an API token, you choose its scope: you can create a token that can upload to all the projects you maintain or own, or you can limit its scope to just one project.



The token management screen shows you when each of your tokens were created, and last used. And you can revoke one token without revoking others, and without having to change your password on PyPI and in configuration files.


Uploading with an API token is currently optional but encouraged; in the future, PyPI will set and enforce a policy requiring users with two-factor authentication enabled to use API tokens to upload (rather than just their password sans second factor). Watch 

our announcement mailing list

 for future details.



Why: 

These API tokens can 

only

 be used to upload packages to PyPI, and not to log in more generally. This makes it safer to automate package upload and store the credential in the cloud, since a thief who copies the token won't also gain the ability to delete the project, delete old releases, or add or remove collaborators. And, since the token is a long character string (with 32 bytes of entropy and a service identifier) that PyPI has securely generated on the server side,

 we vastly reduce the potential for credential reuse on other sites and for a bad actor to guess the token.




Help us test: 

Please 

try this out

! This is a 

beta feature

 and we expect that users will find minor issues over the next few weeks; we ask for your bug reports. If you find any potential security vulnerabilities, please follow our 

published security policy

. (Please don't report security issues in Warehouse via GitHub, IRC, or mailing lists. Instead, please directly email <a href="mailto:security@python.org">security@python.org</a>.) If you find an issue that is not a security vulnerability, please 

report it via GitHub

.


We'd particularly like testing from:


  • Organizations that automate uploads using continuous integration
  • People who save PyPI credentials in a .pypirc file
  • Windows users
  • People on mobile devices
  • People on very slow connections
  • Organizations where users share an auth token within a group
  • Projects with 4+ maintainers or owners
  • People who usually block cookies and JavaScript
  • People who maintain 20+ projects
  • People who created their PyPI account 6+ years ago
What's next for PyPI: 

Next, we'll move on to working on an advanced audit trail of sensitive user actions, plus improvements to accessibility and localization for PyPI (some of which have already started). More details are in 

our progress reports on Discourse

.


Thanks to the 

Open Technology Fund

 for funding this work. And please sign up for the 

PyPI Announcement Mailing List

 for future updates.


Written by Sumana Harihareswara, published initially to <a href="https://pyfound.blogspot.com/2019/07/pypi-now-supports-uploading-via-api.html" rel="nofollow">https://pyfound.blogspot.com/2019/07/pypi-now-supports-uploading-via-api.html</a>

Read the whole story
claudinec
71 days ago
reply
Melbourne, Australia
Share this story
Delete

Amazon Employees Will Walk Out Over Climate Change Inaction

1 Share

“I think it’s totally legitimate to say this is a really harmful industry," Fribley says. "It’s accelerating climate change, it pollutes environments and communities in all these different ways, and it’s really dangerous—and we’re not going to do business with it.”

And in July, The New York Times reported that Amazon had paid $15,000 to sponsor an event organized by the Competitive Enterprise Institute, a libertarian think tank notorious for its attempts to sow public doubt about the scientific consensus on climate change for decades. In a Medium post published in July, Amazon Employees for Climate Justice said they were “heartbroken and angry” about the sponsorship and noted that Amazon had also donated to 68 members of Congress in 2018 who consistently voted against climate change legislation. Now, the workers want Amazon to stop funding groups like CEI, as well as politicians who deny the harmful impacts of a warming planet.

Goal Oriented

Amazon has previously set ambitious environmental goals but has yet to attain them. In 2014—just months after Greenpeace published a damning report on the company's energy usage—Amazon pledged to run 100 percent of AWS on renewable energy sometime in the future. It’s so far only met half of its stated goal. Both Google and Apple already power their operations with 100 percent clean energy, and Facebook says it is not far behind.

LEARN MORE



The WIRED Guide to Climate Change

Earlier this year, members of Amazon Employees for Climate Justice met with company leadership to discuss the retail giant's plans to combat the climate crisis. Fribley says that, during the meeting, he was surprised to learn that Amazon appeared to have few specific environmental objectives. “I think everybody at Amazon knows that’s not how you get stuff done," he says. "That was kind of eye-opening—to hear that there weren’t goals around reducing the amount of carbon Amazon emits.”

Unlike more than 7,000 corporations around the world, Amazon doesn’t report on its environmental impact to CDP, a UK-based nonprofit formerly known as the Carbon Disclosure Project. This year, the retail giant said it would finally begin tracking its carbon footprint, but it’s developing its own secretive approach. Corporations that disclose data to CDP do so in a standardized way, whereas Amazon is developing its own methodology.

In an emailed statement, an Amazon spokesperson did not address the walkout directly. "Playing a significant role in helping to reduce the sources of human-induced climate change is an important commitment for Amazon," the statement reads, in part. "We have dedicated sustainability teams who have been working for years on initiatives to reduce our environmental impact."

Amazon has announced several new sustainability initiatives in recent months, including Shipment Zero, a goal to have 50 percent of all deliveries reach net carbon zero by 2030. Shortly after the Gizmodo investigation was published, Amazon also announced it would build three new wind farms, its first renewable energy projects in more than two years.

The planned walkout isn’t the first action Amazon Employees for Climate Justice have taken. Last year, a group of several dozen former and current employees, who were given company stock as part of their compensation packages, jointly filed a shareholder resolution that would have forced Amazon to issue a report on how it planned to grapple with climate change.

As the resolution began gaining support internally, Amazon publicly announced Shipment Zero. The next day, Mark Hoffman, a top lawyer at Amazon, asked the workers whether they would now consider withdrawing it. But they decided the goal wasn’t good enough. Instead of taking back their resolution, the employees published a public letter asking Bezos and Amazon’s board of directors to adopt it. Over 8,000 employees publicly signed their names. Though the resolution ultimately didn’t pass, it helped to raise public awareness and build support among employees inside Amazon—and ultimately led to the upcoming walkout.

Growing Dissent

Amazon employees have walked out previously this year, as part of a broader backlash against working conditions in its sprawling warehouses. In March, Amazon workers at a Minnesota warehouse left their posts—likely the first strike ever at an Amazon facility in the United States. Employees at the same fulfillment center went on strike again during the company's annual Prime Day sale in July. Several weeks later, another group of workers at a nearby delivery center in Minnesota also walked off the job.

Read the whole story
claudinec
87 days ago
reply
Melbourne, Australia
Share this story
Delete
Next Page of Stories